<?php
	//echo "I am in session.php page";
require_once(dirname(__FILE__).'/db/security.php');
//Start new session for new user
if (!session_start())
		die('Error starting session!');
//Initialinzing variabels
$username="";
$password="";
$id="";
//Updating session parameters
if (isset($_POST['uname']))
	$username=$_POST['uname'];		
if (isset($_POST['pwd']))
	$password= $_POST['pwd'];		
if (isset($_POST['id']))
	$id=$_POST['id'];
	//echo "<br/>I 1 am in session.php page: username: ".$username." password: ".$password."id: ".$id;
	
if ($username!="" && $password!="" && $id!=""){	//try if id1!=null
	$security_details=securityDBHandler::find_security_details($id);
	if($security_details){
	//echo "<br/>I 2 am in session.php page: ";
		$row = mysql_fetch_assoc($security_details);
		if($row){
			//echo "<br/>I 3 am in session.php page: username: ".$row['username']." ".$row['password']." ".$row['id']." ";
			//echo "<br/> strcmp: ".(strcmp($row['username'],$username))." ".(strcmp(substr($row['password'], 0, strlen($row['password'])-1), $password))." |".substr($row['password'], 0, strlen($row['password'])-1)."| DFDF";
			if( $row['id']==$id && (strcmp(substr($row['password'], 0, strlen($row['password'])-1), $password)==0) && (strcmp($row['username'],$username)==0)) //(strcmp($row['id'],$id)==0) && (strcmp($row['username'],$username)==0) && (strcmp($row['password'],$password)==0))
			{					
				$_SESSION['username']=$username;
				$_SESSION['id']=$id;
				$_SESSION['password']=$password;	
				//echo "<br/>I 4 am in session.php page: username: ";//.$_SESSION['username']." ".$_SESSION['password']." ".$_SESSION['id']." ";
			} else{
				//echo "<br/>if not passed! cheack your pass or username";
				echo '<script type="text/javascript"> alert("Wrong user-name or password, please try again")</script>';
			}
			
		}else{
				echo '<script type="text/javascript"> alert("Wrong ID, please try again")</script>';
			}
	}
	else
		echo '<script type="text/javascript"> alert("Wrong user-name or password, please try again")</script>';
}

?>